Trudesk@* Security Vulnerabilities and Issues — Trudesk@* CVE List

Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.

7.6CVSS6.6AI score0.00415EPSS

CVE•added 2022/05/31 2:15 a.m.•67 views

CVE-2022-1931

Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3.

9.1CVSS8.2AI score0.0032EPSS

CVE•added 2022/04/11 7:15 a.m.•65 views

CVE-2022-1045

Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.

9CVSS5.8AI score0.00301EPSS

CVE•added 2022/04/10 4:15 p.m.•64 views

CVE-2022-1290

Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.

9CVSS5.9AI score0.00304EPSS

CVE•added 2022/05/21 3:15 a.m.•61 views

CVE-2022-1752

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.

9CVSS8AI score0.00387EPSS

CVE•added 2022/05/20 11:15 p.m.•60 views

CVE-2022-1775

Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.

9.8CVSS9.3AI score0.00284EPSS

CVE•added 2022/05/20 10:16 p.m.•56 views

CVE-2022-1803

Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2.

8.4CVSS7.1AI score0.00323EPSS

CVE•added 2022/05/20 6:15 p.m.•55 views

CVE-2022-1770

Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.

9.9CVSS8.8AI score0.00284EPSS

CVE•added 2022/05/12 8:15 a.m.•54 views

CVE-2022-1044

Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.

8.2CVSS6.8AI score0.00301EPSS

CVE•added 2022/05/31 9:15 a.m.•51 views

CVE-2022-1926

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3.

7.6CVSS5.5AI score0.00392EPSS

CVE•added 2022/05/20 7:15 a.m.•48 views

CVE-2022-1754

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2.

8.4CVSS6.9AI score0.00507EPSS

CVE•added 2022/06/20 5:15 p.m.•45 views

CVE-2022-2128

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.

9.8CVSS9.6AI score0.00376EPSS

CVE•added 2022/09/29 3:15 a.m.•43 views

CVE-2022-1719

Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page

5.5CVSS5.4AI score0.00165EPSS

CVE•added 2022/09/29 3:15 a.m.•38 views

CVE-2022-1718

The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service.

7.5CVSS7AI score0.00196EPSS